Latest CVE Feed
-
7.5
HIGHCVE-2014-9849
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).... Read more
- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2014-9848
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).... Read more
- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2014-9847
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.... Read more
- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2014-9846
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.... Read more
- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2014-9845
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.... Read more
- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2014-9844
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.... Read more
- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2014-9843
The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.... Read more
- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2014-9842
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.... Read more
- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2014-9841
The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions."... Read more
- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2012-5361
Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted WMV file.... Read more
Affected Products : ffmpeg- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2017-7187
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call... Read more
Affected Products : linux_kernel- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-7186
libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup.... Read more
- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2014-9938
contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution.... Read more
Affected Products : git- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
7.2
HIGHCVE-2017-5623
An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T devices. The attacker can change the bootmode of the device by issuing the 'fastboot oem boot_mode {rf/wlan/ftm/normal} command' in contradiction to the threat model of Android where the... Read more
- Published: Mar. 19, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2017-7184
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based ... Read more
- Published: Mar. 19, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2016-8855
Cross-Site Scripting (XSS) in "/sitecore/client/Applications/List Manager/Taskpages/Contact list" in Sitecore Experience Platform 8.1 rev. 160519 (8.1 Update-3) allows remote attacks via the Name or Description parameter. This is fixed in 8.2 Update-2.... Read more
Affected Products : experience_platform- Published: Mar. 19, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-7178
CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an arbitrary program from its __init__.py file and (2) causing the victim to download, install, and enable this plu... Read more
- Published: Mar. 18, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-7177
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.... Read more
- Published: Mar. 18, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2016-10253
An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordina... Read more
Affected Products : erlang\/otp- Published: Mar. 18, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-7174
The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 allows remote attackers to execute arbitrary code. This is fixed in 2.4.5.... Read more
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025